Apparatus and method for recommending user privacy control

ABSTRACT

Disclosed herein are an apparatus and method for recommending privacy control. A privacy control server includes multiple common privacy control recommendation models learned based on personal information provision histories of multiple users, a user preference determination unit for generating at least one question item based on the multiple common privacy control recommendation models and determining a privacy control preference of a user based on a result of a user answer to the at least one question item, and a common privacy control recommendation model provision unit for providing a common privacy control recommendation model selected to match the privacy control preference of the user to the user.

CROSS REFERENCE TO RELATED APPLICATION

This application claims the benefit of Korean Patent Application No.10-2020-0041915, filed Apr. 7, 2020, which is hereby incorporated byreference in its entirety into this application.

BACKGROUND OF THE INVENTION 1. Technical Field

The present invention relates to an apparatus and method forrecommending user privacy control.

2. Description of the Related Art

In an online environment, personal information of a user is collectedand managed by a server. The server provides personalized service to theuser by utilizing the personal information provided by the user. Also,the server shares the personal information of the user with otherservers using an access control protocol such as OAuth, thus reducingthe burden of management of the personal information of the user.

However, because the variety of personal information stored in theserver is increasing and requests for services provided by the serverand requests for personal information by other servers frequently occur,the burden of user privacy control also increases. During this process,it is inconvenient for the user to personally check and process thedetails of personal information requests. Further, due to the limiteduser interfaces (UI) of mobile terminals, when the user intends toprovide personal information to an application, he or she may make amistake in determining privacy control. Furthermore, the user'sdetermination of the privacy control is apt to vary with a change incontext, and a determination for privacy control differing from anexisting privacy control determination may occur even due topsychological changes. This problem is called the “privacy paradox” or“privacy turbulence” in the privacy field. In order to desirablyrecommend privacy control, there is required a scheme for handlingdetermination in privacy control specialized for each user whilecontinuously coping with those problems.

However, upon recommending privacy control specialized for the user, thefollowing problems may occur.

First, a cold start problem, in which it is not easy to recommendprivacy control to an initial subscriber, may arise. The reason for thisis that it is possible to recommend privacy control matching a userpreference only when the user preference is detected based on a historyof provision of the user's personal information that has beenaccumulated, but, for an initial subscriber, such a personal informationprovision history has not yet accumulated.

Next, a model update problem may occur in which, in order to reflect theactual history of each user, updating of the entire model is required,but the actual history is not reflected, and thus the accuracy of therecommendation service is deteriorated. Generally, since arecommendation model uses an existing machine-learning technique, aproblem may arise in that a previous model must be relearned using allpieces of data used to generate the previous model so as to update themodel, which consumes a lot of time and expense. Further, amachine-learning technique generates a recommendation model forclassifying responses depending on the frequency of data, and thus aproblem may arise in that the history of each user is not reflected inthe recommendation model until the frequency of the history of the userexceeds a predetermined frequency.

The above-described background technology is technological informationthat was possessed by the present applicant to devise the presentinvention or that was acquired by the present applicant in the processof devising the present invention, and thus such information cannot beconstrued to be known technology that was open to the public before thefiling of the present invention.

PRIOR ART DOCUMENTS Patent Documents

(Patent Document 1) Korean Patent No. 10-1590626

SUMMARY OF THE INVENTION

An embodiment is intended to recommend privacy control that matches aprivacy control preference of a subscriber even if the subscriber is aninitial subscriber whose personal information provision history isinsufficient.

An embodiment is intended to remove the burden on learning and updatinga recommendation model that is required until privacy controlrecommendation is optimized for a user.

In accordance with an aspect, there is provided a privacy controlserver, including multiple common privacy control recommendation modelslearned based on personal information provision histories of multipleusers, a user preference determination unit for generating at least onequestion item based on the multiple common privacy controlrecommendation models and determining a privacy control preference of auser based on a result of a user answer to the at least one questionitem, and a common privacy control recommendation model provision unitfor providing a common privacy control recommendation model selected tomatch the privacy control preference of the user to the user.

The question item may be a question item for which a difference betweenresults of answers depending on the privacy control preference is equalto or greater than a predetermined value.

The personal information provision histories may be provided andcollected from a blockchain network.

In accordance with an aspect, there is provided a user terminal,including a common privacy control recommendation model acquisition unitfor acquiring a common privacy control recommendation model matching aresult of privacy control preference of a user that is determined basedon a result of a user answer to at least one question item, and aprivacy control recommendation generation unit for recommending aprivacy control as an output of a common privacy control recommendationmodel that runs in response to a personal information request made touse a service.

The common privacy control recommendation model acquisition unit mayoutput at least one question item received from a privacy controlserver, provides an interface for inputting a selection signal from theuser, and may transmit the input selection signal to the privacy controlserver.

The user terminal may further include a personal information requestprocessing unit for providing an interface for inputting a privacycontrol selection from the user, and responding to privacy control basedon the privacy control selection input from the user, and a privacycontrol recommendation model acquisition unit for, when a privacycontrol selected by the user is not a recommended privacy control,generating an individual privacy control recommendation model that islearned based on privacy control details input from the user.

The individual privacy control recommendation model may be learnedthrough reinforcement learning.

The privacy control recommendation generation unit may be configured to,when an individual privacy control history is present, further run theindividual privacy control recommendation model, and correct a privacycontrol output from the common privacy control recommendation model toan output of the individual privacy control recommendation model.

The personal information request may be delivered from a blockchainnetwork that received the personal information request from a serviceprovider which desires to provide a service to the user.

The personal information request may be transmitted only when a userpolicy designates that explicit approval of the user is required for useof the personal information of the user as a user policy.

The personal information request processing unit may transmit a privacycontrol response to a blockchain network, and the privacy controlresponse may be used to allow the blockchain network to process the userpersonal information and to use the processed user personal informationto respond to the personal information request from the service providerunder privacy control.

In accordance with an aspect, there is provided a method forrecommending privacy control, including acquiring a common privacycontrol recommendation model matching a privacy control preference of auser that is determined depending on a result of a user answer to atleast one question item, and recommending a privacy control as an outputof a common privacy control recommendation model that runs in responseto a personal information request made to use a service.

The common privacy control recommendation model may be selected to matchthe privacy control preference of the user, among multiple commonprivacy control recommendation models learned based on personalinformation provision histories of multiple users.

The personal information provision histories of the multiple users maybe collected from a blockchain network.

The question item may be a question item for which a difference betweenresults of answers depending on the privacy control preference is equalto or greater than a predetermined value.

The method may further include providing an interface for inputting aprivacy control selection from the user, and responding to the personalinformation request based on the privacy control selection input fromthe user, and when a privacy control selected by the user is not arecommended privacy control, generating an individual privacy controlrecommendation model that is learned based on privacy control detailsinput from the user.

The individual privacy control recommendation model may be learnedthrough reinforcement learning.

Recommending the privacy control may include, when an individual privacycontrol history is present, further running the individual privacycontrol recommendation model, and correcting a privacy control outputfrom the common privacy control recommendation model to an output of theindividual privacy control recommendation model.

The personal information request may be delivered from a blockchainnetwork that received the personal information request from a serviceprovider which desires to provide a service to the user

The personal information request may be transmitted only when a userpolicy designates that explicit approval of the user is required for useof the personal information of the user as a user policy.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and advantages of the presentinvention will be more clearly understood from the following detaileddescription taken in conjunction with the accompanying drawings, inwhich:

FIG. 1 is a diagram illustrating a privacy management framework in whichuser privacy control is recommended according to an embodiment;

FIG. 2 is a block diagram illustrating the detailed configuration of aprivacy control server according to an embodiment;

FIG. 3 is a diagram illustrating an example of a learning control unitaccording to an embodiment;

FIG. 4 is a block diagram illustrating the detailed configuration of auser terminal according to an embodiment:

FIGS. 5 and 6 are flowcharts for explaining a method for recommendinguser privacy control according to an embodiment; and

FIG. 7 is a flowchart for explaining the detailed steps of the privacycontrol response generation step of FIG. 6 according to an embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

Embodiments of the present invention are described with reference to theaccompanying drawings. It should be noted that the same referencenumerals are used to designate the same or similar elements throughoutthe drawings. It should be noted that the same reference numerals areused to designate the same or similar elements throughout the drawings.In the following description of the present invention, detaileddescriptions of known functions and configurations which are deemed tomake the gist of the present invention obscure will be omitted.

In the description of components according to embodiments of the presentinvention, the terms “first”, “second”, “A”, “B”, “(a)”, and “(b)” maybe used. These terms are merely intended to distinguish thecorresponding component from other components, and the essence, sequenceor order of the corresponding component is not limited by the terms.Further, unless otherwise defined, all terms including technical andscientific terms used herein have the same meanings as those commonlyunderstood by one of ordinary skill in the art to which the presentinvention pertains. It will be further understood that the terms usedherein should be interpreted as having meanings consistent with theirmeanings in the context of this specification and the relevant art andare not to be interpreted in an idealized or overly formal sense unlessexpressly so defined herein.

FIG. 1 is a diagram illustrating a privacy management framework in whichuser privacy control is recommended according to an embodiment.

Referring to FIG. 1 , a privacy management framework for recommendinguser privacy control according to an embodiment of the present inventionmay be configured in a form in which a privacy control server 100, userterminals 200, a blockchain network 10, and service providers 20 areoperated in conjunction with each other over a wired/wirelesscommunication network. Here, the wired/wireless communication networkinclusively denotes a wireless Internet communication network such asWi-Fi or WiBro, a mobile communication network such as Wideband CodeDivision Multiple Access (WCDMA) or Long-Term Evolution (LTE), aWireless Access in Vehicular Environment (WAVE) wireless communicationnetwork, and a wired Internet communication network.

The blockchain network 10 is connected to the multiple user terminals200 and stores pieces of personal information and personal informationprovision histories of multiple users. In an embodiment, when theprivacy control server 100 requests the personal information provisionhistories of the users, stored in the blockchain network 10, theblockchain network 10 may extract the personal information provisionhistories stored in the storage thereof, and may return the extractedhistories to the privacy control server 100. Also, as each serviceprovider 20 requests user personal information stored in the blockchainnetwork 10, the blockchain network 10 may provide the user personalinformation to the service provider 20. Here, the blockchain network 10may check a privacy control policy established by the correspondinguser. When the privacy control policy designates that explicit approvalof the user is required for the use of user personal information, theblockchain network 10 requests the corresponding user terminal 200 toshare the personal information. When the user terminal 200 responds tothe request, the blockchain network 10 may provide the user personalinformation to the corresponding service provider 20, or may send amessage indicating that the request to provide the user personalinformation is erroneous, based on received privacy control details.

Each service provider 20 provides personalized service using the userpersonal information, and may request the personal information of theuser, stored in the blockchain network 10, in order to provide thepersonalized service. Here, the service may be, for example, anapplication indicating various applications which provide variousfunctions, and the service provider 20 may be a device that providesvarious types of services through the application. Here, the type ofapplication is not limited, and may have various functions and forms sothat the corresponding service may be provided in accordance withvarious purposes, such as in an account service application (App) of afinancial institution, a card payment application, a shopping mallapplication, and a designated-driver service application. In this case,the application may be installed and run in the form of a program oneach user terminal 200, but alternatively may run in the form of awebpage without being installed on the user terminal 200. Here, theapplication may require various types of personal information related tothe user terminal 200 so as to provide designed functions. Here, therequirement for personal information by the application may also be madeusing a scheme for requesting access authority that enables the personalinformation stored in the user terminal 200 to be acquired. For example,the application may require location information, address bookinformation, account information, pictures, files, sensor information,etc. as the personal information of the user terminal 200.

The privacy control server 100 may be a communicable computing devicethat learns privacy policies for collecting the personal informationprovision histories of users from the blockchain network 10, generatescommon privacy control recommendation models classified depending onpreferences, and provides a common privacy control recommendation modelin response to a request received from each user. The detailedconfiguration of the privacy control server 100 according to anembodiment will be described later with reference to FIGS. 2 and 3 .

Each user terminal 200 may be a subject that stores and manages thepersonal information in the blockchain network 10, and may be a terminalpossessed by the corresponding user who uses the service provided by theservice provider 20. Here, the user terminal 200 may preferably be, butis not limited to, a mobile terminal such as a smartphone, a wearabledevice enabling an audio/video call, a tablet PC, or a notebook PC, andmay include a wired terminal such as a desktop PC or some other kind ofcommunication device depending on the circumstances. The detailedconfiguration of the user terminal 200 according to an embodiment willbe described later with reference to FIG. 4 .

FIG. 2 is a block diagram illustrating the detailed configuration of aprivacy control server according to an embodiment.

Referring to FIG. 2 , the privacy control server 100 according to anembodiment may include a personal information provision historycollection unit 110, a learning control unit 120, a common privacycontrol recommendation model provision unit 130, and a user preferencedecision unit 140. In accordance with an embodiment, the privacy controlserver 100 may further include a personal information provision historydatabase (DB) 150 and a common privacy control recommendation model DB160.

The personal information provision history collection unit 110 collectspersonal information provision histories of multiple users from theblockchain network 10. The personal information provision histories maybe stored in the DB 150.

The learning control unit 120 may generate multiple common privacycontrol recommendation models, which are learned based on the personalinformation provision histories of the multiple users. Here, the commonprivacy control recommendation models may be generated based on machinelearning by utilizing the personal information provision histories astraining data. Here, there may be multiple common privacy controlrecommendation models, each of which may be learned by each of personalinformation provision history data sets of the multiple users clustereddepending on user preferences. The multiple common privacy controlrecommendation models may be stored in the DB 160. This will bedescribed in detail below with reference to FIG. 3 .

FIG. 3 is a diagram illustrating an example of a learning control unitaccording to an embodiment.

Referring to FIG. 3 , the learning control unit 120 may include aclustering unit 121 for analyzing personal information provisionhistories and classifying clusters of similar instances in which aprivacy control pattern indicating preference similarities is exhibited,and a learning unit 122 for generating multiple common privacy controlrecommendation models 161 which are learned using a machine-learningtechnique by utilizing each of the clusters of similar instances astraining data. Here, clustering, Support Vector Machine (SVM), RandomForest (RF), or a Bayesian technique may be utilized as themachine-learning technique. Further, Collaborative Filtering (CF) or thelike, which is a recommendation algorithm, may be utilized.

Referring back to FIG. 2 , the common privacy control recommendationmodel provision unit 130 provides a common privacy controlrecommendation model selected to match the privacy control preference ofthe user to the corresponding user.

The user preference decision unit 140 may include a question itemgeneration unit 141 and a question and answer analysis unit 142, whereinthe question item generation unit 141 generates at least one questionitem based on the multiple common privacy control recommendation models.Here, the question item is precisely designed to determine the privacycontrol preference matching the user preference, and is configured byselecting a question item for which the difference between the resultsof answers depending on the privacy control preference is equal to orgreater than a predetermined value. The question and answer analysisunit 142 may determine the preference of user privacy control based onthe result of the user answer to at least one question item.

FIG. 4 is a block diagram illustrating the detailed configuration of auser terminal according to an embodiment.

Referring to FIG. 4 , the user terminal 200 may include a common privacycontrol recommendation model acquisition unit 210, an individual privacycontrol recommendation model acquisition unit 220, and a privacy controlrecommendation generation unit 230.

The common privacy control recommendation model acquisition unit 210acquires a common privacy control recommendation model 211 matching theresult of the privacy control preference of user that is determinedbased on the result of the user answer to at least one question item.Here, the common privacy control recommendation model acquisition unit210 outputs at least one question item received from the privacy controlserver 100, provides an interface for inputting the selection signalfrom the user, and generates a user answer to the question item inresponse to the input selection signal. Thereafter, the common privacycontrol recommendation model acquisition unit 210 transmits thegenerated user answer to the question to the privacy control server 100.

The individual privacy control recommendation model acquisition unit 220generates an individual privacy control recommendation model 221 that islearned based on privacy control details input from the user when theprivacy control selected by the user is not a recommended privacycontrol. Here, the individual privacy control recommendation model 221may be one that is learned through machine learning by utilizing aprivacy control history individually input by the user as training data.

Here, such a machine-learning technique may be reinforcement learning.In particular, Temporal-Difference Learning (TD learning) may be used asa scheme for correcting a past prediction value to more accuratelyperform prediction on a time-series event, occurring duringreinforcement learning, in the future based on current behavior. Byutilizing this scheme, a task for updating a privacy control patternwhich was executed in the past by the user is performed based on privacycontrol executed by the user in the current context. Through this task,when user privacy control is changed this time, the change detailsthereof may be applied to the privacy control pattern, and may beutilized to select privacy control to be subsequently recommended.Accordingly, the privacy control scheme using the existingmachine-learning technique may learn a pattern only in the state inwhich all learning data is prepared, but the present invention mayselect privacy control to be recommended by forming a privacy controlpattern only with learning data that is available up to that timethrough enforcement learning. Further, whenever learning data is added,a previous privacy control pattern may be updated.

The memory 250 may function to temporarily or permanently storeprocessed data, and may store the common privacy control recommendationmodel 211 and the individual privacy control recommendation model 221.

The privacy control recommendation generation unit 230 generates aprivacy control recommendation as the output of the common privacycontrol recommendation model, which runs in response to a personalinformation request made to use the corresponding service. Here, theprivacy control recommendation generation unit 230 runs the individualprivacy control recommendation model 221 when there is an individualprivacy control history. Thereafter, the privacy control recommendationgeneration unit 230 corrects privacy control that has been output fromthe common privacy control recommendation model 211 to the output of theindividual privacy control recommendation model 221. In this way,personal information may be selectively provided depending on the usagepurpose and level of the corresponding service, and thus the privacycontrol recommendation generation unit 230 may be operated tosimultaneously improve the utilization of personalized service by theuser and protect the privacy of the user.

The personal information request processing unit 240 provides aninterface for inputting the selection of privacy control from the userwhile displaying details of the privacy control recommendation, andresponds to the personal information request based on the privacycontrol selection input from the user.

Here, the personal information request processing unit 240 selectivelyperforms an operation depending on the result of determining whether theprivacy control selected by the user is identical to recommended privacycontrol, that is, whether the recommendation has been accepted. That is,if it is determined that the recommendation has been accepted, thepersonal information request processing unit 240 performsrecommendation-based privacy control.

FIG. 5 is a flowchart for explaining a method for recommending userprivacy control according to an embodiment. The method for recommendinguser privacy control illustrated in FIG. 5 may be performed throughinterworking of the privacy control server 100 of FIG. 1 with ablockchain network 10 and a user terminal 200.

Referring to FIG. 5 , when the privacy control server 100 requestspersonal information provision histories of users stored in theblockchain network 10 at step S510, the blockchain network 10 extractsthe personal information provision histories stored in the storagethereof, and returns the extracted histories to the privacy controlserver 100 at step S520. The privacy control server 100 generates acommon privacy control recommendation model that is learned based on thepersonal information provision histories at step S530. Here, the commonprivacy control recommendation model may be generated based on machinelearning by utilizing the personal information provision histories astraining data. Here, there may be multiple common privacy controlrecommendation models, each of which may be learned by each of personalinformation provision history data sets of the multiple users clustereddepending on user preferences (see FIG. 3 ).

The privacy control server 100 generates at least one question itembased on the multiple common privacy control recommendation models atstep S540. Here, the question item is precisely designed to determinethe privacy control preference matching the corresponding userpreference, and is configured by selecting a question item for which thedifference between the results of answers depending on the privacycontrol preference is equal to or greater than a predetermined value.

Next, when the user terminal 200 requests a common privacy controlrecommendation model from the privacy control server 100 at step S550,the privacy control server 100 transmits the generated question item tothe user terminal 200 at step S560. Then, the user terminal 200 outputsthe at least one question item received from the privacy control server100, provides an interface for inputting the selection signal from theuser, and generates a user answer to the question item based on theinput selection signal at step S565. Thereafter, the user terminal 200transmits the generated user answer to the question item to the privacycontrol server 100 at step S570.

The privacy control server 100 determines the privacy control preferenceof the user based on the result of the user answer to the at least onequestion item, and selects a common privacy control recommendation modelmatching the privacy control preference of the user at step S575.

Thereafter, the privacy control server 100 delivers the selected commonprivacy control recommendation model to the user terminal 200 at stepS580. Then, the user terminal 200 may store the received common privacycontrol recommendation model, and may utilize the same for privacycontrol in the future.

FIG. 6 is a flowchart for explaining a method for recommending userprivacy control according to an embodiment. The method for recommendinguser privacy control illustrated in FIG. 6 may be performed throughinterworking of the user terminal 200 of FIG. 1 with a blockchainnetwork 10 and a service provider 20.

Referring to FIG. 6 , when the user terminal 200 requests a service fromthe service provider 20 at step S610, the service provider 20 requestsuser personal information stored in the blockchain network 10 at stepS620. The blockchain network 10 checks a user policy established by thecorresponding user at step S630. Here, when the user policy designatesthat explicit approval of the user is required for the use of userpersonal information, the blockchain network 10 requests the userterminal 200 to share the personal information at step S640.

When the personal information is requested, the user terminal 200generates a privacy control response based on a previously stored commonprivacy control recommendation model at step S650. The detailed steps ofstep S650 will be described later with reference to FIG. 7 .

Thereafter, the user terminal 200 responds to the request from theblockchain network 10 as the generated user's privacy control responseat step S660, and the blockchain network 10 loads and processes the userpersonal information under the privacy control at step S670. Here, theblockchain network 10 provides the user personal information to thecorresponding service provider 20 or sends a message indicating that therequest to provide user personal information is erroneous, under theprivacy control at step S680. Thereafter, the service provider 20processes the service based on the user personal information receivedfrom the blockchain network 10 at step S690, and returns the result ofthe service to the user terminal 200 at step S695.

FIG. 7 is a flowchart for explaining the detailed steps of the privacycontrol response generation step S650 of FIG. 6 according to anembodiment.

Referring to FIG. 7 , the user terminal 200 runs the common privacycontrol recommendation model at step S710. The user terminal 200generates a privacy control recommendation as the output of the commonprivacy control recommendation model, which receives a personalinformation request for the use of service, at step S720.

Meanwhile, the user terminal 200 checks whether there is an individualprivacy control history at step S730. That is, this operation isintended to determine whether there is a history for individuallyperforming privacy control without the user's acceptance for privacycontrol recommendation. In this case, because an individual privacycontrol recommendation model has already been generated, the individualprivacy control recommendation model runs at step S740. Thereafter, theuser terminal 200 corrects privacy control output from the commonprivacy control recommendation model to the output of the individualprivacy control recommendation model at step S750. In this way, personalinformation may be selectively provided depending on the usage purposeand the level of the service, and thus the utilization of personalizedservice for the user may be improved while the privacy of the user maybe protected.

Here, the individual privacy control recommendation model may be onethat is learned through machine learning by utilizing the privacycontrol history individually input by the user as training data. Here,the individual privacy control recommendation model may be learnedthrough reinforcement learning. In particular, Temporal-DifferenceLearning (TD learning) may be used as a scheme for correcting a pastprediction value to more accurately perform prediction on a time-seriesevent, occurring during reinforcement learning, in the future based oncurrent behavior. By utilizing this scheme, a task for updating aprivacy control pattern which was executed in the past by the user isperformed based on privacy control executed by the user in the currentcontext. Through this task, when user privacy control is changed thistime, the change details thereof may be applied to the privacy controlpattern, and may be utilized to select privacy control to besubsequently recommended.

Meanwhile, although, in FIG. 7 , steps S710 to S740 are illustrated asbeing sequentially performed, this illustration is made for convenience,and the embodiments are not limited thereto. That is, step S730 may beperformed first, after which steps S710 and S740 may be selectively orsimultaneously performed based on the result of step S730.

Next, the user terminal 200 provides an interface for inputting theselection of privacy control from the user while displaying details ofthe privacy control recommendation at step S760, and responds to thepersonal information request based on the privacy control selectioninput from the user.

That is, the user terminal 200 may determine whether the privacy controlselected by the user matches recommended privacy control, that is,whether the recommended privacy control is accepted, at step S770.

If it is determined at step S770 that the recommendation is accepted,the user terminal 200 performs the recommendation-based (i.e.,recommended) privacy control at step S780. In contrast, if it isdetermined at step S770 that the privacy control selected by the userdoes not match the recommended privacy control, the user terminal 200generates an individual privacy control recommendation model that islearned based on the privacy control details input by the user at stepS790.

The above-described embodiments may be implemented in the form ofprogram instructions that can be executed by various computer means, andmay be recorded on a computer-readable storage medium. Thecomputer-readable storage medium may include program instructions, datafiles, and data structures solely or in combination. The programinstructions recorded on the storage medium may have been speciallydesigned and configured for the present invention, or may be known to oravailable to those who have ordinary knowledge in the field of computersoftware. Examples of the computer-readable storage medium include alltypes of hardware devices specially configured to record and executeprogram instructions, such as magnetic media, such as a hard disk, afloppy disk, and magnetic tape, optical media, such as compact disk(CD)-read only memory (ROM) and a digital versatile disk (DVD),magneto-optical media, such as a floptical disk, ROM, random accessmemory (RAM), and flash memory. Examples of the program instructionsinclude machine code, such as code created by a compiler, and high-levellanguage code executable by a computer using an interpreter. Thehardware devices may be configured to operate as one or more softwaremodules in order to perform the operation of the present invention, andvice versa.

Specific executions described in the present invention are merelyembodiments, and are not intended to limit the scope of the inventionregardless of the type of method. For simplicity of the specification,descriptions of conventional electronic components, control systems,software, and components in other functional aspects of the systems maybe omitted. Further, lines or connection elements for connecting thecomponents illustrated in the drawings exemplarily indicate functionalconnections and/or physical or circuit-based connections, and may bereplaced with other elements or represented by additional variousfunctional connections, physical connections or circuit connections inactual devices. Further, unless a detailed expression such as“essential” or “importantly” is used with regard to a specificcomponent, the corresponding component may not be an essential componentrequired so as to apply the present invention.

In accordance with the present invention, a preset quiz is presented soas to check a privacy control pattern, thus allowing the privacy controlpreference of a new user to be easily detected and enabling a suitableprivacy control recommendation model to be used. By means thereof, theaccuracy of privacy control recommendation may be improved, and theburden of inconvenient privacy control and incidence of errors may bereduced.

Further, in accordance with the present invention, interworking with apersonalized privacy control model is separately performed, and thus theburden of learning and updating a recommendation model, which arerequired until privacy control recommendation is optimized for the user,may be eliminated. Further, the time required to update a privacycontrol recommendation model may be reduced in real time, and theaccuracy of the privacy control recommendation model may be improved.

Therefore, the spirit of the present invention should not be limitedlydefined by the above-described embodiments, and it is appreciated thatthe entire range of the accompanying claims, equivalents thereof, andequivalent changes thereof belong to the scope of the spirit of thepresent invention.

What is claimed is:
 1. A privacy control server, comprising: one or moreprocessors that process computer executable program code embodied innon-transitory computer readable storage media, the computer executableprogram code comprising: multiple common privacy control recommendationmodels learned based on personal information provision histories ofmultiple users; user preference decision program code that generates atleast one question item based on the multiple common privacy controlrecommendation models and determines a privacy control preference of auser based on a result of a user answer to the at least one questionitem; and common privacy control recommendation model provision programcode that provides a common privacy control recommendation modelselected to match the privacy control preference of the user to theuser, wherein the personal information provision histories are providedand collected from a blockchain network, wherein the blockchain networkchecks a user policy established by the user, and wherein the questionitem is a question item for which a difference between results ofanswers depending on the privacy control preference is equal to orgreater than a predetermined value.
 2. A user terminal, comprising: oneor more processors that process computer executable program codeembodied in non-transitory computer readable storage media, the computerexecutable program code comprising: common privacy controlrecommendation model acquisition program code that acquires a commonprivacy control recommendation model matching a result of privacycontrol preference of a user that is determined based on a result of auser answer to at least one question item; and privacy controlrecommendation generation program code that recommends a privacy controlas an output of a common privacy control recommendation model that runsin response to a personal information request made to use a service,wherein the personal information request is delivered from a blockchainnetwork that received the personal information request from a serviceprovider which desires to provide a service to the user, wherein theblockchain network checks a user policy established by the user allowingfor the personal information request to be transmitted only when a userpolicy designates that explicit approval of the user is required for useof the personal information, wherein the question item is a questionitem for which a difference between results of answers depending on theprivacy control preference is equal to or greater than a predeterminedvalue.
 3. The user terminal of claim 2, wherein the common privacycontrol recommendation model acquisition program code outputs at leastone question item received from a privacy control server, provides aninterface for inputting a selection signal from the user, and transmitsthe input selection signal to the privacy control server.
 4. The userterminal of claim 2, further comprising: a personal information requestprocessing program code for providing an interface for inputting aprivacy control selection from the user, and responding to privacycontrol based on the privacy control selection input from the user; anda privacy control recommendation model acquisition program code for,when a privacy control selected by the user is not a recommended privacycontrol, generating an individual privacy control recommendation modelthat is learned based on privacy control details input from the user. 5.The user terminal of claim 4, wherein the individual privacy controlrecommendation model is learned through reinforcement learning.
 6. Theuser terminal of claim 4, wherein the privacy control recommendationgeneration program code is configured to: when an individual privacycontrol history is present, further run the individual privacy controlrecommendation model, and correct a privacy control output from thecommon privacy control recommendation model to an output of theindividual privacy control recommendation model.
 7. The user terminal ofclaim 2, wherein: the personal information request processing programcode transmits a privacy control response to the blockchain network, andthe privacy control response is used to allow the blockchain network toprocess the user personal information and to use the processed userpersonal information to respond to the personal information request fromthe service provider under privacy control.
 8. A method for recommendingprivacy control, comprising: processing computer executable program codeembodied in non-transitory computer readable storage media by one ormore processors, the computer executable program code comprising:program code that acquires a common privacy control recommendation modelmatching a privacy control preference of a user that is determineddepending on a result of a user answer to at least one question item;and program code that recommends a privacy control as an output of acommon privacy control recommendation model that runs in response to apersonal information request made to use a service, wherein the personalinformation provision histories of the multiple users are collected froma blockchain network, and wherein the blockchain network checks a userpolicy established by the user allowing for the personal informationrequest to be transmitted only when a user policy designates thatexplicit approval of the user is required for use of the personalinformation, and wherein the question item is a question item for whicha difference between results of answers depending on the privacy controlpreference is equal to or greater than a predetermined value.
 9. Themethod of claim 8, wherein the common privacy control recommendationmodel is selected to match the privacy control preference of the user,among multiple common privacy control recommendation models learnedbased on personal information provision histories of multiple users. 10.The method of claim 8, further comprising: providing an interface forinputting a privacy control selection from the user, and responding tothe personal information request based on the privacy control selectioninput from the user; and when a privacy control selected by the user isnot a recommended privacy control, generating an individual privacycontrol recommendation model that is learned based on privacy controldetails input from the user.
 11. The method of claim 10, wherein theindividual privacy control recommendation model is learned throughreinforcement learning.
 12. The method of claim 10, wherein recommendingthe privacy control comprises: when an individual privacy controlhistory is present, further running the individual privacy controlrecommendation model; and correcting a privacy control output from thecommon privacy control recommendation model to an output of theindividual privacy control recommendation model.
 13. The method of claim8, wherein the personal information request is delivered from ablockchain network that received the personal information request from aservice provider which desires to provide a service to the user.